|
297801
|
- |
|
pbboard
|
pbboard
|
The new_password page in PBBoard 2.1.4 allows remote attackers to change the password of arbitrary user accounts via the member_id and new_password parameters to index.php.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4035
|
2024-11-21 10:42 |
2012-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297802
|
- |
|
pbboard
|
pbboard
|
Multiple SQL injection vulnerabilities in PBBoard 2.1.4 allow remote attackers to execute arbitrary SQL commands via the (1) username parameter to the send page, (2) email parameter to the forget pag…
|
CWE-89
SQL Injection
|
CVE-2012-4034
|
2024-11-21 10:42 |
2012-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297803
|
- |
|
rsgallery2
|
com_rsgallery2
|
The RSGallery2 (com_rsgallery2) component before 3.2.0 for Joomla! 2.5.x does not place index.html files in image directories, which allows remote attackers to list image filenames via a request for …
|
CWE-200
Information Exposure
|
CVE-2012-4235
|
2024-11-21 10:42 |
2012-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297804
|
- |
|
rsgallery2
|
com_rsgallery2
|
Cross-site scripting (XSS) vulnerability in the comments module in the RSGallery2 (com_rsgallery2) component before 2.3.0 for Joomla! 1.5.x, and before 3.2.0 for Joomla! 2.5.x, allows remote attacker…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4071
|
2024-11-21 10:42 |
2012-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297805
|
- |
|
fenrir-inc
|
sleipnir_mobile
|
Cross-site scripting (XSS) vulnerability in the Sleipnir Mobile application 2.2.0 and earlier and Sleipnir Mobile Black Edition application 2.2.0 and earlier for Android allows remote attackers to in…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4004
|
2024-11-21 10:42 |
2012-08-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297806
|
- |
|
symantec
|
web_gateway
|
SQL injection vulnerability in spywall/includes/deptUploads_data.php in Symantec Web Gateway 5.0.3.18 allows remote attackers to execute arbitrary SQL commands via the groupid parameter.
|
CWE-89
SQL Injection
|
CVE-2012-4178
|
2024-11-21 10:42 |
2012-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297807
|
- |
|
ubi
|
uplay_pc
|
The web browser plugin for Ubisoft Uplay PC before 2.0.4 allows remote attackers to execute arbitrary programs via the -orbit_exe_path command line argument.
|
CWE-78
OS Command
|
CVE-2012-4177
|
2024-11-21 10:42 |
2012-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297808
|
- |
|
naver
|
nhn_japan_naver_line
|
The NHN Japan NAVER LINE application before 2.5.5 for Android does not properly handle implicit intents, which allows remote attackers to obtain sensitive message information via a crafted applicatio…
|
CWE-200
Information Exposure
|
CVE-2012-4005
|
2024-11-21 10:42 |
2012-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297809
|
- |
|
opera
|
opera_browser
|
Opera before 12.01 allows remote attackers to cause a denial of service (application crash) via a crafted web site, as demonstrated by the Lenovo "Shop now" page.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-4146
|
2024-11-21 10:42 |
2012-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297810
|
- |
|
opera
|
opera_browser
|
Unspecified vulnerability in Opera before 12.01 on Windows and UNIX, and before 11.66 and 12.x before 12.01 on Mac OS X, has unknown impact and attack vectors, related to a "low severity issue."
|
NVD-CWE-noinfo
|
CVE-2012-4145
|
2024-11-21 10:42 |
2012-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
